LEADER 04593oam 2200505zu 450 001 9910698282203321 005 20210807003853.0 035 $a(CKB)2430000000035674 035 $a(SSID)ssj0000465017 035 $a(PQKBManifestationID)12212258 035 $a(PQKBTitleCode)TC0000465017 035 $a(PQKBWorkID)10427046 035 $a(PQKB)21985287 035 $a(NjHacI)992430000000035674 035 $a(OCoLC)70705346 035 $a(EXLCZ)992430000000035674 100 $a20160829d2002 uy 101 0 $aeng 135 $aur||||||||||| 181 $ctxt 182 $cc 183 $acr 200 10$aSecurity Guide for Interconnecting Information Systems: Recommendations of the National Institute of Standards and Technology 210 31$a[Place of publication not identified]$cDIANE Publishing Company$d2002 215 $a1 online resource (iii, 56 pages) $cillustrations 225 1 $aNIST special publication ;$v800-47.$aComputer security 300 $aBibliographic Level Mode of Issuance: Monograph 320 $aIncludes bibliographical references and index. 330 $aThe Security Guide for Interconnecting Information Technology Systems provides guidance for planning, establishing, maintaining, and terminating interconnections between information technology (IT) systems that are owned and operated by different organizations. The guidelines are consistent with the requirements specified in the Office of Management and Budget (OMB) Circular A-130, Appendix III, for system interconnection and information sharing. A system interconnection is defined as the direct connection of two or more IT systems for the purpose of sharing data and other information resources. The document describes various benefits of interconnecting IT systems, identifies the basic components of an interconnection, identifies methods and levels of interconnectivity, and discusses potential security risks associated with an interconnection. The document then presents a "life-cycle management" approach for interconnecting IT systems, with an emphasis on security. The four phases of the interconnection life cycle are addressed: 1) Planning the interconnection: the participating organizations perform preliminary activities; examine all relevant technical, security, and administrative issues; and form an agreement governing the management, operation, and use of the interconnection. 2) Establishing the interconnection: the organizations develop and execute a plan for establishing the interconnection, including implementing or configuring appropriate security controls. 3) Maintaining the interconnection: the organizations actively maintain the interconnection after it is established to ensure that it operates properly and securely. 4) Disconnecting the interconnection: one or both organizations may choose to terminate the interconnection. The termination should be conducted in a planned manner to avoid disrupting the other party's system. In response to an emergency, however, one or both organizations may decide to terminate the interconnection immediately. The document provides recommended steps for completing each phase, emphasizing security measures that should be taken to protect the connected systems and shared data. The document also contains guides and samples for developing an Interconnection Security Agreement (ISA) and a Memorandum of Understanding/Agreement (MOU/A). The ISA specifies the technical and security requirements of the interconnection, and the MOU/A defines the responsibilities of the participating organizations. Finally, the document contains a guide for developing a System Interconnection Implementation Plan, which defines the process for establishing the interconnection, including scheduling and costs. 531 $aSECURITY GUIDE FOR INTERCONNECTING INFORMATION TECHNOLOGY SYSTEMS 606 $aComputer networks$xStandards$zUnited States 606 $aComputer networks$xSecurity measures 606 $aComputer networks$xStandards 615 0$aComputer networks$xStandards 615 0$aComputer networks$xSecurity measures. 615 0$aComputer networks$xStandards. 676 $a005.8 700 $aGrance$b Tim$01351561 702 $aHash$b Joan 712 02$aInformation Technology Laboratory (National Institute of Standards and Technology). 801 0$bPQKB 906 $aBOOK 912 $a9910698282203321 996 $aSecurity Guide for Interconnecting Information Systems: Recommendations of the National Institute of Standards and Technology$93119424 997 $aUNINA